CVE-2021-40833

Published: Nov 26, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

Affected (5)

Products: F Secure: Atlant, Internet Gatekeeper, Linux Security, Linux Security 64, Elements Endpoint Protection

5 products

Internet Gatekeeper

Linux Security 64

Elements Endpoint Protection

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
F Secure Atlant	All versions
F Secure Internet Gatekeeper	All versions
F Secure Linux Security	All versions
F Secure Linux Security 64	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
F Secure Elements Endpoint Protection	All versions

Running on/with	Platform Versions
Apple Macos	All versions
Microsoft Windows	All versions

Related CWEs

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (4)

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40833

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40833

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.